Microsoft Purview- Paint By Numbers Series (Part 0) - Overview
Published Aug 19 2021 10:15 AM 8,689 Views
Microsoft

paint_by_numbers_splash_picture.jpg

If you wish to jump to a more relevant section of this series for what you are attempting to accomplish, use the links below.

 

OVERVIEW (Part 0)

0   - Microsoft Purview - Paint By Numbers Series (Part 0) - Overview 

0a - Microsoft Purview - Paint By Numbers Series (Part 0a) - Permissions 

 

DATA CLASSIFICATION (Part 1)

1   - Microsoft Purview - Paint By Numbers Series (Part 1) - Sensitive Information Types

1a - Microsoft Purview - Paint By Numbers Series (Part 1a) - Exact Data Match (old UI)

1b - Microsoft Purview - Paint By Numbers Series (Part 1b) - Trainable Classifiers 

1c - Microsoft Purview - Paint By Numbers Series (Part 1c) - Exact Data Match (new UI)

 

INFORMATION PROTECTION (Part 2)

2   - Microsoft Purview - Paint By Numbers Series (Part 2)- Information Protection

2a - Microsoft Purview - Paint By Numbers Series (Part 2a) - Adding the ability to add Container and Site labels 

2b - Microsoft Purview - Paint By Numbers Series (Part 2b) - Adding a Sensitivity Label to a Container and/or Site 

2c - Microsoft Purview - Paint By Numbers Series (Part 2c) - Default Labels 

2d - Microsoft Purview - Paint By Numbers Series (Part 2d) - Required Labels 

2e - Microsoft Purview - Paint By Numbers Series (Part 2e) - Using Multiple Sensitivity Labels

2f - Microsoft Purview - Paint By Numbers Series (Part 2g) – TBA

2g - Microsoft Purview - Paint By Numbers Series (Part 2g) – Recommended Labeling of Files and Emails

 

DATA LOSS PREVENTION (Part 3)

3   - Microsoft Purview - Paint By Numbers Series (Part 3) - Data Loss Prevention for Exchange

3a - Microsoft Purview - Paint By Numbers Series (Part 3a) - DLP for Endpoint (SIT-based) 

3b - Microsoft Purview - Paint By Numbers Series (Part 3b) - DLP for Endpoint (Label-based) 

3c - Microsoft Purview - Paint By Numbers Series (Part 3c) - Data Loss Prevention with Teams Chat 

 

RECORD MANAGEMENT (Part 4)

4   - Microsoft Purview - Paint By Numbers Series (Part 4) - Records Management

 

PREMIUM eDISCOVERY (Part 5)

5   - Microsoft Purview - Paint By Numbers Series (Part 5 - from 2021) - Premium eDiscovery (old walk through)

5   - Microsoft Purview - Paint By Numbers Series (Part 5) - Overview and Settings

5a - Microsoft Purview - Paint By Numbers Series (Part 5a) - Case Creation and Case Settings

5b - Microsoft Purview - Paint By Numbers Series (Part 5b) - Data Sources and Collections

5c - Microsoft Purview - Paint By Numbers Series (Part 5c) - Review Sets

5d - Microsoft Purview - Paint By Numbers Series (Part 5d) - Communication

5e - Microsoft Purview - Paint By Numbers Series (Part 5e) - Holds

5f - Microsoft Purview - Paint By Numbers Series (Part 5f) - Processing

5g - Microsoft Purview - Paint By Numbers Series (Part 5g) - Exports 

5h - Microsoft Purview - Paint By Numbers Series (Part 5h) - Jobs

 

INSIDER RISK MANAGEMENT (Part 6)

6   - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Overview

6a - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Permissions

6b - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Settings

6c - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Policies

6d - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Alerts

6e - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Cases (investigations)

 

VIVA (Part 7)

7   - Microsoft Purview - Paint By Numbers Series (Part 7) - Viva and Purview Workloads 

 

INFORMATION BARRIERS (Part 8)

8a   - Microsoft Purview - Paint By Numbers Series (Part 8a) - Information Barriers and Teams Chat 

 

COMPLIANCE MANAGER (Part 9)

9a   - Microsoft Purview - Paint By Numbers Series (Part 9a) - Compliance Manager - Overview 

9b   - Microsoft Purview - Paint By Numbers Series (Part 9b) - Compliance Manager - Run an Assessment 

9c   - Microsoft Purview - Paint By Numbers Series (Part 9c) - Compliance Manager - Improvement Actions 

 

 

Microsoft Defender for Cloud Apps (MDCA) and Data Loss Prevention (DLP) (Part 10)

10   - Microsoft Purview - Paint By Numbers Series (Part 10) - Compliance Manager - Microsoft Dender for Cloud Apps and DLP - Overview 

10a   - Microsoft Purview - Paint By Numbers Series (Part 10a) - Compliance Manager - Microsoft Defender for Cloud Apps - MS Teams Browser DLP 

 

Overview of this Blog Series

This blog series is meant to address several specific use cases in the Compliance space as well as provide step-by-step approach to run basic tests against those use cases.

 

We will start with the overview and permissions of the Purview stack.  Then, as you look at the diagram below, you will see that the blog series starts with the Sensitive Information Type (SIT) as a foundation and then all other parts of compliance are built on that foundation.  Once you understand how to create and modify a SIT, you can then create an Exact Data Match, if you want.  Once you’ve done Part 1/1a you can then do Parts 2-5 (and future parts) in the order provided or you can perform them in the order relevant to your needs.

 

James_Havens_0-1653603177714.png

 

 

 

In each Part of this blog, I will explain the Use Case related that Compliance function.  Please note there is more than one use case for each of these functions, but for simplicity, I am only addressing one per for each.

 

Microsoft Purview (April 19, 2022)

As of April 19, 2022, Microsoft Compliance is now known as Microsoft Purview.  Please see the link at the bottom of this page for more information about this renaming and what it means

James_Havens_1-1650482501230.png

 

 

 

Disclaimer

This document is not meant to replace any official documentation, including those found at docs.microsoft.com.  Those documents are continually updated and maintained by Microsoft Corporation.  If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed.  Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix.

All of the following steps should be done with test data, and where possible, testing should be performed in a test environment.  Testing should never be performed against production data.

 

Target Audience

The Sensitive Information Type (SIT) section of this blog series is aimed at Compliance officers who need to identify any PII and PHI data in their environment.

 

Document Scope

This document is meant to provide an overview of the Microsoft Purview Suite (formerly Compliance Suite) to an administrator who is “net new” to Microsoft E5 tools.

 

Out-of-Scope

This document does not cover any other aspect of Microsoft E5 Compliance, including:

  • Sensitive Information Types
  • Exact Data Matching
  • Sensitivity Labeling
  • Data Protection Loss (DLP) for Exchange, OneDrive, Devices
  • Microsoft Cloud App Security (MCAS)
  • Records Management (retention and disposal)
  • Advanced eDiscovery (AeD)
  • Insider Risk Management
  • Privacy Management

It is presumed that you have a pre-existing of understanding of what Microsoft E5 Compliance does and how to navigate the User Interface (UI).

 

Overview of Document

  1. Overview
  2. Microsoft Purview
  3. Target Audience
  4. Document Scope
  5. Out of Scope
  6. Use Case
  7. Definitions
  8. Notes
  9. Requirements
  10. Appendix and Links

 

Use Case

None

 

Definitions

  1. Data Classification
    1. The core of the Compliance tool is the Microsoft Information Protection (MIP) engine.  This engine allows for indexing of existing data and then track any changes made to that data via the Compliance tool set (example – information label that data with sensitivity and governance labels).

 

  1. Information Protection
    1. This is the tool that is used to apply labels, watermarks, headers, footnotes and encryption to emails, files, etc  These labels carry with files/emails inside and outside the organization.

 

  1. Data Loss Prevention
    1. This component of the solution blocks emails and files being leaked or stolen from the organization, whether it be from the endpoint devices (windows 10/11 and Mac) or from Exchange Online, SharePoint Online, Teams, or OneDrive.

 

  1. Information Governance
    1. This tool applies Retention and Disposal polices to files and emails inside of a tenant, thereby helping the organization meet its regulatory needs.

 

  1. Advanced eDiscovery
    1. This is the Microsoft eDiscovery tool.  It performs more than just search, hold and export.  It provides for granular eDiscovery functions, such as review, redaction, searches against existing holds, etc.

 

  1. Insider Risk Management
    1. This tool brings in the telemetry from the organization’s tenant and onboarded devices to provide a baseline of “behavior” of for users.  Examples of this baseline, as it relates to compliance workloads, are copying data, deleting data, uploading data to the cloud, etc.

 

Notes

  • Replication times for changes in Purview polices take affect:
    • DLP policies will take approximately 15 minutes to take affect
    • Other Compliances items could take 24-48 hours for other changes to take affect

 

Requirements

None

 

Appendix and Links

 

 

 

Note: This solution is a sample and may be used with Microsoft Compliance tools for dissemination of reference information only. This solution is not intended or made available for use as a replacement for professional and individualized technical advice from Microsoft or a Microsoft certified partner when it comes to the implementation of a compliance and/or advanced eDiscovery solution and no license or right is granted by Microsoft to use this solution for such purposes. This solution is not designed or intended to be a substitute for professional technical advice from Microsoft or a Microsoft certified partner when it comes to the design or implementation of a compliance and/or advanced eDiscovery solution and should not be used as such.  Customer bears the sole risk and responsibility for any use. Microsoft does not warrant that the solution or any materials provided in connection therewith will be sufficient for any business purposes or meet the business requirements of any person or organization.

 

Co-Authors
Version history
Last update:
‎Jun 28 2023 07:15 PM
Updated by: